{ "scan": { "algorithmVersion": 4, "grade": "B+", "error": null, "score": 80, "statusCode": 200, "testsFailed": 1, "testsPassed": 9, "testsQuantity": 10, "responseHeaders": { "date": "Sat, 12 Jul 2025 07:11:02 GMT", "server": "HTTPS", "x-content-type-options": "nosniff", "referrer-policy": "strict-origin-when-cross-origin", "expect-ct": "max-age=604800, report-uri=\"https://sentry.eea.europa.eu/api/25/security/?sentry_key=36e966c526304fb38680f19ac1927bb5\"", "x-xss-protection": "1", "content-security-policy": "default-src 'self' blob: data: https://*.eea.europa.eu https://*.eionet.europa.eu; connect-src 'self' https://*.arcgis.com https://services.arcgisonline.com https://*.openstreetmap.org https://cds.climate.copernicus.eu https://*.eea.europa.eu https://*.eionet.europa.eu http://*.eea.europa.eu; font-src 'self' data: https://js.arcgis.com https://cds.climate.copernicus.eu https://cdnjs.cloudflare.com/ https://*.eea.europa.eu https://*.eionet.europa.eu; frame-src 'self' https://mission-climate-adapt-map.agiledrop.com https://apps.copernicus-climate.eu https://charts.ecmwf.int https://eucra.climate.ifca.es/ https://apps.ecmwf.int https://ec.europa.eu/ https://geoportal.ecdc.europa.eu https://flo.uri.sh https://*.eea.europa.eu https://*.eionet.europa.eu https://eea.maps.arcgis.com http://*.eea.europa.eu; img-src http: https: blob: data: https://js.arcgis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://fonts.googleapis.com https://matomo.eea.europa.eu https://cds.climate.copernicus.eu/ https://openlayers.org/ https://www.google.com/jsapi https://js.arcgis.com/ https://public.flourish.studio/ https://*.eea.europa.eu https://*.eionet.europa.eu http://*.eea.europa.eu; frame-ancestors 'self' https://geoportal.ecdc.europa.eu https://*.eea.europa.eu https://*.europa.eu; style-src 'self' 'unsafe-inline' https://js.arcgis.com https://openlayers.org/ https://cds.climate.copernicus.eu/ https://*.eionet.europa.eu https://*.eea.europa.eu https://cdnjs.cloudflare.com https://charts.ecmwf.int https://eucra.climate.ifca.es/ https://code.jquery.com; report-uri https://sentry.eea.europa.eu/api/25/security/?sentry_key=36e966c526304fb38680f19ac1927bb5", "content-type": "text/html; charset=utf-8", "x-url": "/en", "x-backend-name": "cluster(10.42.168.5:3000)", "x-cacheable": "YES", "vary": "Accept-Encoding", "x-varnish": "6872184 4611881", "age": "23", "via": "1.1 cca-website-backend-varnish-frontend-1 (Varnish/7.7)", "accept-ranges": "bytes", "grace": "normal(limited)", "x-backend": "cluster(frontend:(null))", "x-cache": "HIT", "content-length": "119145", "x-frame-options": "SAMEORIGIN", "strict-transport-security": "max-age=15780000;", "connection": "close" } }, "tests": { "content-security-policy": { "expectation": "csp-implemented-with-no-unsafe", "pass": false, "result": "csp-implemented-with-unsafe-inline", "scoreModifier": -20, "data": { "default-src": [ "'self'", "blob:", "data:", "https://*.eea.europa.eu", "https://*.eionet.europa.eu" ], "connect-src": [ "'self'", "http://*.eea.europa.eu", "https://*.arcgis.com", "https://*.eea.europa.eu", "https://*.eionet.europa.eu", "https://*.openstreetmap.org", "https://cds.climate.copernicus.eu", "https://services.arcgisonline.com" ], "font-src": [ "'self'", "data:", "https://*.eea.europa.eu", "https://*.eionet.europa.eu", "https://cdnjs.cloudflare.com/", "https://cds.climate.copernicus.eu", "https://js.arcgis.com" ], "frame-src": [ "'self'", "http://*.eea.europa.eu", "https://*.eea.europa.eu", "https://*.eionet.europa.eu", "https://apps.copernicus-climate.eu", "https://apps.ecmwf.int", "https://charts.ecmwf.int", "https://ec.europa.eu/", "https://eea.maps.arcgis.com", "https://eucra.climate.ifca.es/", "https://flo.uri.sh", "https://geoportal.ecdc.europa.eu", "https://mission-climate-adapt-map.agiledrop.com" ], "img-src": [ "blob:", "data:", "http:", "https:" ], "script-src": [ "'self'", "'unsafe-eval'", "'unsafe-inline'", "blob:", "data:", "http://*.eea.europa.eu", "https://*.eea.europa.eu", "https://*.eionet.europa.eu", "https://cds.climate.copernicus.eu/", "https://fonts.googleapis.com", "https://js.arcgis.com/", "https://matomo.eea.europa.eu", "https://openlayers.org/", "https://public.flourish.studio/", "https://www.google.com/jsapi" ], "frame-ancestors": [ "'self'", "https://*.eea.europa.eu", "https://*.europa.eu", "https://geoportal.ecdc.europa.eu" ], "style-src": [ "'self'", "'unsafe-inline'", "https://*.eea.europa.eu", "https://*.eionet.europa.eu", "https://cdnjs.cloudflare.com", "https://cds.climate.copernicus.eu/", "https://charts.ecmwf.int", "https://code.jquery.com", "https://eucra.climate.ifca.es/", "https://js.arcgis.com", "https://openlayers.org/" ], "report-uri": [ "https://sentry.eea.europa.eu/api/25/security/?sentry_key=36e966c526304fb38680f19ac1927bb5" ] }, "http": true, "meta": false, "policy": { "antiClickjacking": true, "defaultNone": false, "insecureBaseUri": true, "insecureFormAction": true, "insecureSchemeActive": true, "insecureSchemePassive": true, "strictDynamic": false, "unsafeEval": true, "unsafeInline": true, "unsafeInlineStyle": true, "unsafeObjects": false }, "numPolicies": 1 }, "cookies": { "expectation": "cookies-secure-with-httponly-sessions", "pass": true, "result": "cookies-not-found", "scoreModifier": 0, "data": null, "sameSite": false }, "cross-origin-resource-sharing": { "expectation": "cross-origin-resource-sharing-not-implemented", "pass": true, "result": "cross-origin-resource-sharing-not-implemented", "scoreModifier": 0, "data": null }, "redirection": { "expectation": "redirection-to-https", "pass": true, "result": "redirection-to-https", "scoreModifier": 0, "destination": "https://climate-adapt.eea.europa.eu/en", "redirects": true, "route": [ "http://climate-adapt.eea.europa.eu/", "https://climate-adapt.eea.europa.eu/", "https://climate-adapt.eea.europa.eu/en" ], "statusCode": 200 }, "referrer-policy": { "expectation": "referrer-policy-private", "pass": true, "result": "referrer-policy-private", "scoreModifier": 5, "data": "strict-origin-when-cross-origin", "http": true, "meta": false }, "strict-transport-security": { "expectation": "hsts-implemented-max-age-at-least-six-months", "pass": true, "result": "hsts-implemented-max-age-at-least-six-months", "scoreModifier": 0, "data": "max-age=15780000;", "includeSubDomains": false, "maxAge": 15780000, "preload": false, "preloaded": false }, "subresource-integrity": { "expectation": "sri-implemented-and-external-scripts-loaded-securely", "pass": true, "result": "sri-not-implemented-but-all-scripts-loaded-from-secure-origin", "scoreModifier": 0, "data": {} }, "x-content-type-options": { "expectation": "x-content-type-options-nosniff", "pass": true, "result": "x-content-type-options-nosniff", "scoreModifier": 0, "data": "nosniff" }, "x-frame-options": { "expectation": "x-frame-options-sameorigin-or-deny", "pass": true, "result": "x-frame-options-implemented-via-csp", "scoreModifier": 5, "data": "SAMEORIGIN" }, "cross-origin-resource-policy": { "expectation": "corp-implemented-with-same-site", "pass": true, "result": "corp-not-implemented", "scoreModifier": 0, "data": null, "http": false, "meta": false } } }